I ran into an interesting Windows quirk recently. I set up a spare Windows 7 box as a GitLab-CI Runner to see if it was any better than an existing Jenkins-based pipeline. The runner is pretty easy to set up, a few commands and I had it set up as a service running under Windows built in Local System account - the recommended configuration.

I configured the runner to clone a master repo (set up as a public repo in GitLab) and run some build scripts. One of those scripts checks out a submodule which comes from another GitLab repo, but this one's permissions are set to internal. This caused the script to barf because internal repos in GitLab require authentication.